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(57) Abstract: According to the invention, a method and apparatus are disclosed for dynamically assigning a public network address 
for a private network host (197) in response to a request generated external to the private network (140). A requesting host (139) 
desiring access to a host (139) with the private network (140) queries a domain name server (150) for the public network address 
of the private network host (197). Then, the domain name server (150) queries a network address translator (100) of the private 
network (140), and receives a reply indicating a dynamically allocated public network address for the specified private network host 
(197). The requesting host (139) can then use this returned public network address for communicating with the private network 
host (197). In this manner, a set of public addresses can be shared, with a public network address being dynamically allocated to a 
private network host (197) in response to a request for access by a host external to the private network (140). Moreover, a public 
network address is assigned to a private network host (197) for a limited period of time. This time period can be specified as a period 
of network inactivity related to the public network address, or a specified time duration (e.g., for one hour, from 3:00 PM to 5:00 
PM). The aging of these assigned public addresses is processed by the domain name server (150) itself, or by the network address 
translator (100) which sends a message to the domain name server (150) when an assigned public address is no longer valid for a 
particular private network host (197). 
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METHOD AND APPARATUS FOR DYNAMIC ALLOCATION OF 
PRIVATE ADDRESS SPACE BASED UPON DOMAIN NAME SERVICE QUERIES 

BACKGROUND OF THE INVENTION 

1. FIELD OF THE INVENTION 

This invention relates to data communication, network address translators, and 
domain name servers; and more particularly, to the dynamic allocation of a shared network 
address by a network address translator to a private network device in response to a domain 
name server query. 

2. DESCRIPTION OF THE PRIOR ART 

The Internet and the World Wide Web are rapidly expanding, with the number of 
new devices being connected at a phenomenal rate. A direct result of this expansion is a 
shortage of Internet Protocol (IP) addresses. Internet Protocol is the fundamental protocol 
used to route traffic across the Internet. It is typical to assign a globally unique address to 
each host attached to the Internet that use TCP/IP. However, in order to extend the life of 
the current IP addressing scheme (i.e., IPv4), address registries are requiring more 
justification before an organization can acquire additional IP addresses. Thus, an 
organization may not have enough assigned globally unique IP addresses to dedicated one to 
each host computer desiring global connectivity. 

Network address translation (NAT) was developed as a way of addressing IP address 
depletion and scaling in routing problems. NAT allows the use of IP network addresses 
within a private enterprise network which are unique within the private enterprise network, 
but which are ambiguous outside the private enterprise network (e.g., across the Internet). 
This allows the same IP network number to be used in other local or private domains (i.e., 
private enterprise networks); and thus, helps to lessen the impact of the IP depletion 
problem. 

For example, private enterprise networks can number their hosts according to the 
methodology proposed in "Address Allocation for Private Internets", RFC 1918. A NAT 
router is placed at the border of the private enterprise network and is used as an interface to 

1 
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the Internet or other external network. The NAT router allows a host within a private 
enteiprise to communicate with another host on the Internet (i.e., outside the private 
enterprise network) by translating the IP address of the private enterprise host to and from a 
globally unique IP address. To allow a host within the private network to be accessed by a 
5 host external to the private network, the NAT address translation must be known a priori, 
and be statically defined. The NAT router can then use this static address translation to 
translate the predetermined globally unique IP address to the private network address of the 
host. This NAT approach works well when the number of hosts desiring global connectivity 
is equal to or less than the number of globally unique IP numbers assigned to the NAT 
1 0 router. Network address translation and its use is further described in "The IP Network 
Address Translator (NAT)", RFC 1 63 1. 

When the number of hosts desiring global Internet connectivity exceed the number 
of globally unique IP addresses assigned to a NAT router, a NAT router implementation 
allowing dynamic address translation is required. Dynamic address translation allows a 

1 5 single globally unique IP address to be time-shared by a plurality of private network hosts. 
In this configuration, a NAT router assigns a private network host one of a pool of unique IP 
• addresses to use for a finite amount of time. After a time-out period, typically based on a 
predetermined time period of inactivity, the globally unique IP address is relinquished, 
returned to the pool of globally unique IP addresses, and made available for other private 

20 enterprise hosts to use. However, current dynamic address translation NAT implementation 
provide for only a one-way assignment of a globally unique IP address to a private network 
host, which is based on a request from a host within the NATs private enterprise network. 
Generally, a host external to the private network cannot reach a desired host within the 
private enterprise network where the NAT router uses dynamic IP address assignment. 

25 Such externally requested connectivity is only possible in the limited case where a NAT 
dynamically assigned IP address still resides for the desired private network host from a 
previous request initiated by a private network host. Once this address translation entry is 
removed from the NAT routers translation tables, externally-initiated connectivity is not 
possible. Moreover, a reason for using dynamic provisioning of globally unique IP 

30 addresses is so a plurality of private network hosts can share a limited number of globally 
unique IP addresses, and thus, a private network host is typically not assigned the same 
globally unique IP address each time. 
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SUMMARY OF THE INVENTION 

According to the invention, a method and apparatus are disclosed for dynamically 
assigning a public network address for a private network host in response to a request 
generated external to the private network. A requesting host desiring access to a host within 
the private network queries a domain name server for the public network address of the 
private network host. Then, the domain name sever queries a network address translator for 
the private network, and receives a reply indicating a dynamically allocated public network 
address for the specified private network host. The requesting host can then use this 
returned public network address for communicating with the private network host. In this 
manner, a set of public addresses can be shared, with a public network address being 
dynamically allocated to a private network host in response to a request for access by a host 
external to the private network. 

In one embodiment of the present invention, a domain name server receives a 
request for the public address of a private network host, using a public Internet Protocol (IP) 
address. The domain name server then determines if a valid public address for the private 
network host exists in an address data structure maintained by the domain name server. If a 
valid public address is found, the domain name server returns it to the requesting host. If a 
valid public address is not found, then the domain name server requests a public address 
from a network address translator identified with the private network. The network address 
translator then determines whether a public network address is currently assigned to the 
private network host If not, and one is available from a pool of public network addresses 
available to the network address translator for the private network, then the network address 
translator allocates a public network address for the private network host The network 
address translator then sends the domain name server the public network address or an 
indication that such address or the host was unavailable. An appropriate public network 
address might not be assigned for many reasons, including all public numbers are currently 
used or reserved; the private network host is not running; or security considerations 
preclude public access to the private network host. 

Furthermore, a public network address is assigned to a private network host for a 
limited period of time in accordance with the present invention. This time period can be 
specified as a period of network inactivity related to the public network address, or a 



WO 02/35801 



PCTYUS01/45266 



specified time duration (e.g., for one hour, from 3:00 PM to 5:00 PM). The aging of these 
assigned public addresses is processed by the domain name server itself, or by the network 
address translator which sends a message to the domain name server when an assigned 
public address is no longer valid for a particular private network host. These messages are 
5 preferably sent using Simple Network Management Protocol (SNMP); although the present 
invention provides for the use of any appropriate communications mechanism. 

Embodiments of the present invention include computer-readable medium 
containing computer-executable instructions for performing a method of the present 
invention, and a computer system performing a method of the present invention. 

An embodiment of a method of the present invention provides for operating a 
computer system to respond to a domain name service query for a public address of a 
private network host. This method preferably comprises the steps of: receiving the domain 
name service query from a requesting host for the pubic address of the private network host; 
sending a request to a network address translator for the pubic address of the private 
network host; receiving a reply from the network address translator containing the pubic 
address of the private network host; and sending the pubic address of the private network 
host to the requesting host. Preferably, the public address is an Internet Protocol (IP) 
address. Preferably, the request to the network address translator is in a Simple Network 
Management Protocol format 

20 Preferably, the method further comprises the step of updating an address data 

structure in response to receiving the pubic address of the private network host. Preferably, 
the reply from the network address translator includes a time period in which the pubic 
address of the private network host is valid; and the method further comprises the step of 
updating the address data structure in response to the public address of the private network 

25 host not being valid. Preferably, the time period specifies a time duration of network 
inactivity for the public address. Preferably, the method further comprises the steps of: 
receiving a time-out message from the network address translator for the pubic address of 
the private network host; and updating the address data structure in response to receiving the 
time-out message. 



10 
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An embodiment of another method of the present invention provides for operating a 
computer system to respond to a request for a public address of a private network host. This 
method preferably comprises the steps of: receiving the request for the public address of the 
private network host from a querying system; dynamically assigning the public address for 
5 the private network host; and sending the assigned public address for the private network 
host to the querying system. Preferably, the public address is an Internet Protocol (IP) 
address. Preferably, the computer system comprises a network address translator. 
Preferably, the method further includes sending a time period in which the public address of 
the private network host is valid. Preferably, the method further comprises the step of 
10 sending a time-out message to the querying system for the assigned public address for the 
private network host. Preferably, the public address request is received and the public 
address is sent in a Simple Network Management Protocol format. 



BRIEF DESCRIPTION OF THE DRAWINGS 

The appended claims set forth the features of the present invention with particularity. 
1 5 The invention, together with its advantages, may be best understood from the following 
detailed description taken in conjunction with the accompanying drawings of which: 

FIG. 1 is a block diagram of an exemplary network environment in which the present 
invention may be practiced; 

FIGs. 2A-B illustrate an address data structure representing address data vised in 
20 practicing the present invention; 

FIG. 2C is a message sequence chart illustrating the flow of messages for requesting, 
dynamically assigning, and publicizing a public network address for a private network host 
in accordance with the present invention; 

FIG. 3 is a flow diagram illustrating the steps performed by the domain name server 
25 in an embodiment of the present invention; and 

FIG. 4 is a flow diagram illustrating the steps performed by the domain name server 
in an embodiment of the present invention. 



5 



WO 02/35801 



PCTYUS01/45266 



DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT 

Figure 1 and its discussion herein are intended to provide a description of a general 
computing environment in which the present invention can be practiced. The present 
invention is not limited to a single computing environment. Moreover, the architecture and 
5 functionality of the present invention as taught herein and would be understood by one 
skilled in the art is extensible to an unlimited number of computing environments and 
embodiments in keeping with the scope and spirit of the present invention. 

Turning first to FIG, 1, an exemplary operating environment is illustrated in which 
the present invention may be practiced. The present invention provides for dynamic 

1 0 assignment of a public network address to a private network host based on a request from a 
host external to the private network (e.g., located in the public network). The network 
diagram of FIG. 1 illustrates a private network 140 having an Internet domain name of 
"private.net", and a public network portion comprised of Internet 135 and public host 139 
connect to Internet 135 via facility 138. Private network 140 will first be described, and then 

15 the operation of an embodiment of the present invention with reference to the data 
structures, message sequence chart, and flow diagrams illustrated in FIGs. 2-5. 

Private network 140 comprises a network address translator 100 interconnected via a 
local area network (LAN) 195 with a domain name server (DNS) 150 and private network 
hosts 197-198. For illustrative purposes, domain name server 150 is located within private 
20 network 140. In other embodiments in keeping with the scope and spirit of the present 
invention, domain name server 150 is located external to private network 140. 

Network address translator 100 typically comprises a standard computer platform or 
a specialized computer platform optimized for performing its address translation function. 
Network address translator 100 comprises a processor 1 10, memory 115, storage devices 

25 120, a public network interface 125, and a private network interface 130, which are 

electrically coupled via bus 1 12. Public network interface 125 is connected to the public 
network (e.g., Internet 135) over facility 134. Memory 1 15 is one type of computer-readable 
medium, and typically comprises random access memory (RAM), read only memory 
(ROM), integrated circuits, and/or other memory components. Memory 115 typically stores 

30 computer-executable instructions to be executed by processor 1 10 and/or data which is 
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manipulated by processor 110. Storage devices 120 are another type of computer-readable 
medium, and typically comprise disk drives, diskettes, networked services, tape drives, and 
other storage devices. Storage devices 120 typically store computer-executable instructions 
to be executed by processor 1 10 and/or data which is manipulated by processor 1 10. 

5 Domain name server 1 50 typically comprises a standard computer platform having a 

network interface 175. Domain name server 150 comprises a processor 160, memory 165, 
storage devices 170, and a network interface 175, which are electrically coupled via bus 
162. Memory 165 is one type of computer-readable medium, and typically comprises 
random access memory (RAM), read only memory (ROM), integrated circuits, and/or other 

10 memory components. Memory 165 typically stores computer-executable instructions to be 
executed by processor 110 and/or data which is manipulated by processor 160. Storage 
devices 170 are another type of computer-readable medium, and typically comprise disk 
drives, diskettes, networked services, tape drives, and other storage devices. Storage devices 
170 typically store computer-executable instructions to be executed by processor 160 and/or 

1 5 data which is manipulated by processor 1 60. 

For illustration purposes, certain element of FIG. 1 have a domain name and/or an IP 
address. In this exemplary configuration, requesting public host 139 has domain name 
M public_host.public.net" with IP address 198.6.250.9; public network interface 125 of 
network address translator 100 has IP address 144.230.1.2; private network interface of 

20 network address translator 1 00 has IP address 1 0.0. 1.1; network interface 175 of domain 
name server 150 has domain name "dns.private.net 11 , a private network IP address of 
10.0.1.5, and a public IP address of 144.230.1.5; private network host 197 has domain name 
"host__a.private.net" and IP address of 10.0.1.7; and private network host 198 has domain 
name "host_b.private.net" and IP address of 10.0. 1 .8. The public IP address for network 

25 interface 175 of domain name server 150 is permanently defined in an address data structure 
of network address translator 100 to allow domain name server 150 to receive DNS requests 
from hosts outside private network 140. As would be understood by one skilled in the art, 
the exemplary domain names and IP addresses presented and discussed with reference to 
FIGS. 1-5 are used to help better describe the present invention, with the present invention 

30 not being so limited to this illustrated configuration. 
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Turning now to FIG. 2A, illustrated is an address data structure 200 which is 
maintained by domain name server 150 and also by network address translator 100. 
Address data structure 200 maintains entries comprising one or more of the following 
populated fields: hostname 201, private IP address 202, public IP address 203 and lease time 
5 204. Lease time 204 indicates a time period in which the public IP address 203 for the 
private network host (having hostname 201 and private IP address 202) is valid. 

Entries 2 1 0-230 correspond to the network configuration illustrated in FIG. 1 . Entry 
210 for "dns.private.net" with private IP address 10.0.1.5 illustrates that its public IP address 
of 1 44.23 0.1.5 has been permanently assigned to allow domain name server 1 50 to receive 

10 DNS requests from hosts outside private network 140. Entry 220 for "host_a.private.net" 
with private IP address 10.0.1.7 illustrates that its public IP address of 144.230. 1.10 has 
been dynamically assigned for a lease time of 1 hour. Entry 230 for "host_b.private.net" 
with private IP address 10.0.1.8 has no public IP address assigned at the present time. FIG. 
2C, in conjunction with FIG. 1, illustrates a method, in accordance with the present 

1 5 invention, for dynamically allocating a public IP address for host_b.private.net (entry 230). 

Turning now to FIG. 2C, illustrated is a message sequence chart illustrating 
messages passed between requesting host ,, public_host.public.net" 139 (FIG. 1), domain 
name server 150 (FIG. 1), and network address translator 100 (FIG. 1). Beginning with 
message 281, requesting host 139 sends a DNS query to domain name server 150 requesting 

20 the public address of the private network host "host_b.private.net" 198 (FIG. 1). Domain 
name server 150 then checks its address data structure 200 (FIG. 2) and determines that it 
currently does not know the requested public address for private network host 
"host_b.private.net" 198. Domain name server 150 then sends message 282 to network 
address translator 100 requesting the public address for private network host 

25 "host_b.private.net" 198. Network address translator 100 receives this request, then 

dynamically assigns an available public network address for the private network host from 
its pool of available public addresses. In this example, public address 144.230.1.13 is 
assigned, along with a lease time period of 1 5 minutes for the private host to use the 
dynamically assigned public address. Network address translator 100 sends, in 

30 message 283, this assigned public address for the private network host (and optionally the 

lease time period) to querying system, domain name server 150 in this example. Messages 

sent between domain name server 150 and network address translator 100 are preferably 

8 
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sent in a Simple Network Management Protocol (SNMP) format. Domain name server 1 50 
receives this reply, updates its address data structure 250 (FIG. 2B), and sends, in message 
284, the dynamically assigned public address of the private network host (and optionally the 
lease time period) to the requesting host. 

5 Turning now to FIG. 2B, illustrated is the updated address data structure 250, which 

is address data structure 200 of FIG. 2 A updated in accordance with the message sequence 
chart of FIG. 2C. Notice that elements 260 have been updated with the dynamically 
assigned public IP address (144.230.1.13) and lease time (15 minutes) for private network 
host host_b.private.net. 

1 0 The processing performed in accordance with the present invention for the domain 

name server 150 (FIG. 1) is further illustrated by the flow diagram of FIG. 3, which will 
now be described. Processing begins with step 300, and proceeds to step 310. If domain 
name server 150 determines that it has received a management message (e.g., an indication 
that a public address is no longer valid, or the publishing of a new public network address), 

15 then the domain name server 150 updates its address data structure accordingly in step 315. 

Next, in step 320, if domain name server 150 determines that a public address for a 
private network host has timed-out or expired, then domain name server 150 updates its 
address data structure accordingly in step 325 to remove or make inactive any timed-out 
addresses. 

20 Next, if domain name server 150 receives an DNS query as determined in step 330, 

then if the DNS query is for a host having a valid address in the address data structure as 
determined in step 340, then the address is retrieved from the address data structure and sent 
to the requesting host in step 345. This address could either be a valid public address for a 
private network host or a valid private network address depending on the request host. 

25 Otherwise, if the request if for a public address for a known private address as determined in 
step 350, then a request is sent in step 360 to the network address translator 100 for the 
public address of the private network host specified in the original DNS query. If a 
responsive message is received as determined in step 370, domain name server 150, in step 
380, relays the public address of the private network host to the request host. Otherwise, a 

30 message is sent to the requesting host that the address is unknown for the host specified in 
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the DNS query (steps 355, 375). Processing then returns to the top of the loop (step 3 10) to 
repeat the processing of steps illustrated in FIG. 3. 

Turning now to FIG. 4, illustrated are the steps performed by an embodiment of the 
network address translator 100 (FIG. 1) in accordance with the present invention. 
5 Processing begins with step 400, and proceeds to step 410, where the network address 
translator 100 determines whether a request has been received for a public address for a 
private network host. If such a request has been received, then network address 
translator 100 determines, in step 420, whether a valid public address is assigned for the 
private network host specified in the received request. If a valid address has already been 
10 assigned, the network address translator 100, in step 425, sends the public address (and 
optionally an indication of a time period for which the public network address is valid) to 
the querying system. 

Otherwise, the network address translator attempts to assign a public address for the 
specified private network host. If, at step 430, network address translator 100 determines 

1 5 that no public addresses are currently available, then a message indicating such is returned 
in step 435. Otherwise, network address translator 100 dynamically assigns a public address 
for the private network host (and updates its address data structure) in step 440. Then, in 
step 450, network address translator 100 sends the dynamically assigned public address (and 
optionally an indication of a time period for which the public network address is valid) to 

20 the querying system. 

Next, network address translator 100 determines, in step 460, if a dynamically 
assigned address has timed-out If so, then, in step 465, a message is sent to domain name 
server 1 50 (and any other querying system for that address) that the address is no longer 
valid, and network address translator 100 updates its address data structure. 

25 In view of the many possible embodiments to which the principles of our invention 

may be applied, it will be appreciated that the embodiment described herein with respect to 
the drawing figures is only illustrative and should not be taken as limiting the scope of the 
invention. To the contrary, the invention as described herein contemplates all such 
embodiments as may come within the scope of the following claims and equivalents thereof. 

30 



10 



WO 02/35801 



PCT/US01/45266 



CLAIMS: 

I claim: 

L A method for operating a computer system (150) to respond to a domain name 
service queiy for a public address of a private network host (197), the method comprising 
the steps of: 

receiving the domain name service query from a requesting host (139) for the pubic 
address of the private network host (197); 

sending a request to a network address translator (100) for the pubic address of the 
private network host (197); 

receiving a reply from the network address translator (100) containing the pubic 
address of the private network host (1 97); and 

sending the pubic address of the private network host (197) to the requesting host 

(139). 

2. The method of claim 1, wherein the public address is an Internet Protocol (DP) 
address. 

3. The method of claim 1, further comprising the step of updating an address data 
structure in response to receiving the pubic address of the private network host (197). 

4. The method of claim 3, wherein the reply from the network address translator 
(100) includes a time period in which the pubic address of the private network host (197) is 
valid; and the method further comprising the step of updating the address data structure in 
response to the public address of the private network host (197) not being valid. 

5. The method of claim 4, wherein the time period specifies a time duration of 
network inactivity for the public address. 

6. The method of claim 3, further comprising the steps of: 

receiving a time-out message from the network address translator (100) for the pubic 
address of the private network host (197); and 

updating the address data structure in response to receiving the time-out message. 
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7. The method of claim 1, wherein the request to the network address translator 
(100) is in a Simple Network Management Protocol format. 

8. A method for operating a computer system (100) to respond to a request for a 
public address of a private network host (197), the method comprising the steps of: 

5 receiving the request for the public address of the private network host (1 97) from a 

querying system (150); 

dynamically assigning the public address for the private network host (1 97); and 
sending the assigned public address for the private network host (197) to the 

querying system (150). 

10 9. The method of claim 8, wherein the public address is an Internet Protocol (IP) 

address. 

10. The method of claim 8, wherein the computer system (100) comprises a network 
address translator (100). . 

1 1. The method of claim 8, further including sending a time period in which the 
15 public address of the private network host (197) is valid. 

12. The method of claim 8, further comprising the step of sending a time-out 
message to the querying system (150) for the assigned public address for the private network 
host (197). 

13. The method of claim 8, wherein the public address request is received and the 
20 public address is sent in a Simple Network Management Protocol format. 

14. A computer-readable medium (165) having computer-executable instructions for 
performing steps for operating a computer system (150) to respond to a domain name 
service query for a public address of a private network host (197), the steps comprising: 

receiving the domain name service query from a requesting host (139) for the pubic 
25 address of the private network host (197); 

sending a request to a network address translator (100) for the pubic address of the 
private network host (197); 

12 
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receiving a reply from the network address translator (100) containing the pubic 
address of the private network host (197); and 

sending the pubic address of the private network host (197) to the requesting host 

(139). 

5 15. The computer-readable medium (165) of claim 14, wherein the public address is 

an Internet Protocol (IP) address. 

16. The computer-readable medium (165) of claim 14, having further 
computer-executable instructions for performing the step of updating an address data 
structure in response to receiving the pubic address of the private network host (197). 

10 17. The computer-readable medium ( 1 65) of claim 1 6, wherein the reply from the 

network address translator (1 00) includes a time period in which the pubic address of the 
private network host (197) is valid; and having further computer-executable instructions for 
performing the step of updating the address data structure in response to the public address 
of the private network host (197) not being valid. 

15 18. The computer-readable medium (165) of claim 17, wherein the time period 

specifies a time duration of network inactivity for the public address. 

19. The computer-readable medium (165) of claim 16, having further 
computer-executable instructions for performing the steps of: 

receiving a time-out message from the network address translator (100) for the pubic 
20 address of the private network host (1 97); and 

updating the address data structure in response to receiving the time-out message. 

20. The computer-readable medium (165) of claim 14, wherein the request to the 
network address translator (100) is in a Simple Network Management Protocol format. 

21 . A computer-readable medium (115) having computer-executable instructions for 
25 performing steps for operating a computer system (100) to respond to a request for a public 

address of a private network host (139), the steps comprising; 

receiving the request for the public address of the private network host (139) from a 
querying system (150); 

13 
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dynamically assigning the public address for the private network host (139); and 
sending the assigned public address for the private network host (139) to the 
querying system (150). 

22. The computer-readable medium (1 1 5) of claim 21, wherein the public address is 
5 an Internet Protocol (IP) address. 

23. The computer-readable medium (1 15) of claim 21, wherein the computer system 
(100) comprises a network address translator (100). 

24. The computer-readable medium (1 15) of claim 21, having further 
computer-executable instructions for sending a time period in which the public address of 

10 the private network host ( 1 97) is valid. 

25. The computer-readable medium (115) of claim 21, having further 
computer-executable instructions for performing the step of sending a time-out message to 
the querying system (150) for the assigned public address for the private network host (197). 

26. The computer-readable medium (1 15) of claim 21, wherein the public address 

15 request is received and the public address is sent in a Simple Network Management Protocol 
format 
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Hostname 
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host_b.private.net 



202 1 
Private IP Address 
10.0.1.5 
10.0.1.7 
10.0.1.8 



203, 



204 \ 
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144.230.1.5 Permanent 
144.230.1.10 1 hour 



210 
220 

230 



Fig, 2A - Address Data Structure 
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Hostname Private IP Address Public IP Address Lease Time 

dns.private.net 10.0.1.5 144.230.1.5 Permanent 

hosLa.private.net 10.0.1.7 144.230.1.10 1 hour 
host__b.private.net 10.0.1 .8 



144.230.1.13 15 Minutes 



260 



Fig. 2B - Updated Address Data Structure 
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Fig. 2C - Public Network Address Request 
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Fig. 3 - Domain Name Server 
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Fig. 4 - Network Address Translator 



(12) INTERNATIONAL APPLICATION PUBLISHED UNDER THE PATENT COOPERATION TREATY (PCT) 



(19) World Intellectual Property Organization 
International Bureau 

(43) International Publication Date 
2 May 2002 (02.05.2002) 




PCT 



( iiiii irii KK fi nifff iirti mi f h in in 11 Hiir urif rim iifii kii iri(t n mi nn nii 

(10) International Publication Number 

WO 02/035801 A3 



(51) International Patent Classification 7 : H04L 29/12 

(21) International Application Number: PCTAJSO 1/45266 

(22) International Filing Date: 24 October 2001 (24.10.2001) 

(25) Filing Language: English 

(26) Publication Language: English 



(30) Priority Data: 

09/695,109 



24 October 2000 (24. 10.2000) US 



(71) Applicant: SPRINT COMMUNICATIONS COM- 
PANY, L.P. [US/US]; 8140 Wan! Parkway, Kansas City, 
MO 64114 (US). 

(72) Inventor: MCPHERSON, John; 914 South 2nd Street, 
Leavenworth, KS 66048 (US). 

(74) Agents: KIM, Eugene, G. et al.; Faegre & Benson LLP, 
1900 Fifteenth Street, Boulder, CO 80302 (US). 

(81) Designated States (national): AE, AG, AL, AM, AT, AU, 
AZ, BA, BB, BG, BR, BY, BZ, CA, CH, CN, CO, CR, CU, 
CZ, DE, DK, DM, DZ, EC, EE, ES, FI, GB, GD, GE, GH, 



GM, HR, HU, ID, IL, IN, IS, JP, KE, KG, KP, KR, KZ, LC, 
LK, LR, LS, LT, LU, LV, MA, MD, MG, MK, MN, MW, 
MX, MZ, NO, NZ, PH, PL, PT, RO, RU, SD, SE, SG, SI, 
SK, SL, TJ, TM, TR, TT, TZ, UA, UG, UZ, VN, YU, ZA, 
ZW. 

(84) Designated States (regional): ARIPO patent (GH, GM, 
KE, LS, MW, MZ, SD, SL, SZ, TZ, UG, ZW), Eurasian 
patent (AM, AZ, BY, KG, KZ, MD, RU, TJ, TM), European 
patent (AT, BE, CH, CY, DE, DK, ES, FI, FR, GB, GR, IE, 
IT, LU, MC, NL, PT, SE, TR), OAPI patent (BF, BJ, CF, 
CG, CI, CM, GA, GN, GQ, GW, ML, MR, NE, SN, TD, 
TG). 

Declarations under Rule 4.17: 

— as to applicant 's entitlement to apply for and be granted a 
patent (Rule 4 J 7(H)) for all designations 

— as to the applicant 's entitlement to claim the priority of the 
earlier application (Rule 4. 1 7(iii)) for all designations 

Published: 

— with international search report 

(88) Date of publication of the international search report: 

23 January 2003 

[Continued on next page] 



(54) Title: METHOD AND APPARATUS FOR DYNAMIC ALLOCATION OF PRIVATE ADDRESS SPACE BASED UPON 
DOMAIN NAME SERVICE QUERIES 




< 



00 

to 



(57) Abstract: According to the invention, a method and apparatus are disclosed for dynamically assigning a public network address 
for a private network host (197) in response to a request generated external to the private network (140). A requesting host (139) 
desiring access to a host (139) with the private network (140) queries a domain name server (150) for the public network address 
of the private network host (197). Then, the domain name server (150) queries a network address translator (100) of the private 
network (140), and receives a reply indicating a dynamically allocated public network address for the specified private network host 
(197). The requesting host (139) can then use this returned public network address for communicating with the private network 
host (197). In this manner, a set of public addresses can be shared, with a public network address being dynamically allocated to a 
private network host (197) in response to a request for access by a host external to the private network (140). Moreover, a public 
network address is assigned to a private network host (197) for a limited period of time. This time period can be specified as a period 
of network inactivity related to the public network address, or a specified time duration (e.g., for one hour, from 3:00 PM to 5:00 
PM). The aging of these assigned public addresses is processed by the domain name server (150) itself, or by the network address 
translator (100) which sends a message to the domain name server (150) when an assigned public address is no longer valid for a 
particular private network host (197). 



WO 02/035801 A3 lllllllllllllillllllllllllill 



For two-letter codes and other abbreviations, refer to the "Guid- 
ance Notes on Codes and Abbreviations'* appearing at the begin- 
ning of each regular issue of the PCT Gazette. 



INTERNATIONAL SEARCH REPORT 



In tal Application No 

PCT/US 01/45266 



A. CLASSIFICATION OF SUBJECT MATTER 

IPC 7 H04L29/12 

According to International Patent Classification (IPC) or to both national classification and IPC 

a FIELDS SEARCHED 

Minimum documentation searched (classification syslem followed by classification symbols) 

IPC 7 H04L 

Documentation searched other than minimum documentation to the extent that such documents are Included In the fields searched 
Electronic data base consulted during the International search (name of data base and. where practical, search terms used) 

EPO-Internal , WPI Data, PAO 



C. DOCUMENTS CONSIDERED TO BE RELEVANT 



Category 0 Citation of docurnenl, with indication, where appropriate, of the relevant passages 



Relevant to daim No. 



TSUCHIYA P F ET AL: "Extending the IP 
Internet through address reuse" 
COMPUTER COMMUNICATIONS REVIEW, 
ASSOCIATION FOR COMPUTING MACHINERY. NEW 
YORK, US, 

vol. 1, no. 23, 1993, pages 16-33, 

XP002075152 

ISSN: 0146-4833 

page 17, paragraph 6 -page 18, paragraph 
page 21, paragraphs 3,4 
page 26, paragraphs 3,4 



1-26 



□ 



Further documents are listed In the continuation of box C. 



□ 



Patent family members are listed In annex 



° Special categories of cited documents : 

■A" document defining the general state of the art which Is not 

considered to be of particular relevance 
*E" earlier document but published on or after the international 

filing date 

•L' document which may throw doubts on priority c!aim(e) or 
which is cited to establish the publication date of another 
citation or other special reason (as specified) 

*0 ( document referring to an oral disclosure, use, exhibition or 
other means 

*P* document published prior to the International filing date but 
later than the priority date claimed 



T later document published after the international filing date 
or priority date and not in conflict with the application but 
cited to understand the principle or theory underlying the 
Invention 

"X 1 document of particular relevance; the claimed Invention 
cannot be considered novel or cannot be considered to 
Involve an Inventive Btep when the document is taken alone 

"Y* document of particular relevance; the claimed invention 

cannot be considered to Involve an Inventive step when the 
document Is combined with one or more other such docu- 
ments, such combination being obvious to a person skilled 
in the art 

document member of the same patent family 



Date of the actual completion of the International search 

15 October 2002 


Date of mailing of the international search report 

23/10/2002 


Name and mailing address of the ISA 

European Petent Office, P.B. 5818 Patentlaan 2 
NL-2280HVRIjSWijk 
Tel. (+31-70) 340-2040, Tx. 31 651 epo nl, 
Fax (+31-70) 340-3016 


Authorized officer 

Paven, A 



Foim PCT/1SA/210 (second sheet) (Jul/ 1992) 



